[libvirt] [PATCH 08/11] Don't allow renaming of domains by the backdoor
Eric Blake
eblake at redhat.com
Fri May 3 16:41:06 UTC 2013
On 05/03/2013 10:37 AM, Daniel P. Berrange wrote:
>>>
>>> + /* Not strictly ABI related, but we want to make sure domains
>>> + * don't get silently re-named through the backdoor when passing
>>> + * custom XML into various APIs, since this would create havoc
>>> + */
>>> + if (STRNEQ(src->name, dst->name)) {
>>> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
>>> + _("Target domain name '%s' does not match source '%s'"),
>>> + dst->name, src->name);
>>> + return false;
>>> + }
>>
>> The code makes sense, but I'd feel better delaying my ack until getting
>> confirmation that I'm correctly interpreting that rename is
>> intentionally denied on 'virsh save/restore', and rename during
>> migration is allowed only through the dname argument, after dxml is
>> already validated against the pre-rename xml.
>
> Yes, rename is intentionally denied in save/restore.
Good, I got it right, and you have ACK.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20130503/b6ad2296/attachment-0001.sig>
More information about the libvir-list
mailing list